From nobody Mon Feb 9 10:27:47 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+87516+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+87516+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1647132109747699.6261389424716; Sat, 12 Mar 2022 16:41:49 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id NmKXYY1788612xuOGguLMFw3; Sat, 12 Mar 2022 16:41:50 -0800 X-Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by mx.groups.io with SMTP id smtpd.web12.10908.1647132088165160377 for ; Sat, 12 Mar 2022 16:41:50 -0800 X-IronPort-AV: E=McAfee;i="6200,9189,10284"; a="319056949" X-IronPort-AV: E=Sophos;i="5.90,177,1643702400"; d="scan'208";a="319056949" X-Received: from orsmga007.jf.intel.com ([10.7.209.58]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Mar 2022 16:41:49 -0800 X-IronPort-AV: E=Sophos;i="5.90,177,1643702400"; d="scan'208";a="539479383" X-Received: from xshi3x-mobl.ccr.corp.intel.com (HELO mxu9-mobl1.ccr.corp.intel.com) ([10.249.171.182]) by orsmga007-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Mar 2022 16:41:47 -0800 From: "Min Xu" To: devel@edk2.groups.io Cc: Min Xu , Michael D Kinney , Brijesh Singh , Erdem Aktas , James Bottomley , Jiewen Yao , Tom Lendacky , Gerd Hoffmann Subject: [edk2-devel] [PATCH V5 08/10] OvmfPkg/IncompatiblePciDeviceSupportDxe: Ignore OptionRom in Td guest Date: Sun, 13 Mar 2022 08:41:09 +0800 Message-Id: <20220313004111.388-9-min.m.xu@intel.com> In-Reply-To: <20220313004111.388-1-min.m.xu@intel.com> References: <20220313004111.388-1-min.m.xu@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,min.m.xu@intel.com X-Gm-Message-State: ciuNke9vJFDC92mDAyiImmnwx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1647132110; bh=xU1ihVDdv5j+Kx0b02mKu4Cb3Rod0fPDfmBRHOXGMjQ=; h=Cc:Date:From:Reply-To:Subject:To; b=kB4GhM4QnSX4zPuQBIPPFdLXf++aAjSWwOrJC9SUIhVTKlucs7o2lUHu7TpLxpc7BvN ILZU9DpYwRmYNO28nxg4NjyhMnfXk2zhG7KI0H7LdW+TBvEhhvd7frWQK0V500XSGwl0A TRcq0kcUbWlT9jlCGlC4OQcMvw+XP+byfX4= X-ZohoMail-DKIM: fail (Signature date is -1 seconds in the future.) X-ZM-MESSAGEID: 1647132111320100011 Content-Type: text/plain; charset="utf-8" RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3429 Host VMM may inject OptionRom which is untrusted in Td guest. So PCI OptionRom needs to be ignored if it is Td guest. According to "Table 20. ACPI 2.0 & 3.0 QWORD Address Space Descriptor Usage" PI spec 1.7, type-specific flags can be set to 0 when Address Translation Offset =3D=3D 6 to skip device option ROM. Cc: Michael D Kinney Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Cc: Gerd Hoffmann Signed-off-by: Min Xu Acked-by: Gerd Hoffmann --- .../IncompatiblePciDeviceSupport.c | 46 +++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/OvmfPkg/IncompatiblePciDeviceSupportDxe/IncompatiblePciDeviceS= upport.c b/OvmfPkg/IncompatiblePciDeviceSupportDxe/IncompatiblePciDeviceSup= port.c index f5c03bdf6dd6..2d385d26ef28 100644 --- a/OvmfPkg/IncompatiblePciDeviceSupportDxe/IncompatiblePciDeviceSupport.c +++ b/OvmfPkg/IncompatiblePciDeviceSupportDxe/IncompatiblePciDeviceSupport.c @@ -71,6 +71,40 @@ STATIC CONST EFI_ACPI_ADDRESS_SPACE_DESCRIPTOR mMmio64C= onfiguration =3D { // use probed BAR size }; =20 +// +// mOptionRomConfiguration is present only in Td guest. +// Host VMM can inject option ROM which is untrusted in Td guest, +// so PCI option ROM needs to be ignored. +// According to "Table 20. ACPI 2.0 & 3.0 QWORD Address Space Descriptor U= sage" +// PI spec 1.7, type-specific flags can be set to 0 when +// Address Translation Offset =3D=3D 6 to skip device option ROM. +// +STATIC CONST EFI_ACPI_ADDRESS_SPACE_DESCRIPTOR mOptionRomConfiguration = =3D { + ACPI_ADDRESS_SPACE_DESCRIPTOR, // Desc + (UINT16)( // Len + sizeof (EFI_ACPI_ADDRES= S_SPACE_DESCRIPTOR) - + OFFSET_OF ( + EFI_ACPI_ADDRESS_SPAC= E_DESCRIPTOR, + ResType + ) + ), + ACPI_ADDRESS_SPACE_TYPE_MEM, // ResType + 0, // GenFlag + 0, // Disable option roms = SpecificFlag + 64, // AddrSpaceGranularity: + // aperture selection= hint + // for BAR allocation + MAX_UINT64, // AddrRangeMin + MAX_UINT64, // AddrRangeMax: + // no special alignme= nt + // for affected BARs + 6, // AddrTranslationOffse= t: + // hint covers all + // eligible BARs + 0 // AddrLen: + // use probed BAR size +}; + STATIC CONST EFI_ACPI_END_TAG_DESCRIPTOR mEndDesc =3D { ACPI_END_TAG_DESCRIPTOR, // Desc 0 // Checksum: to be igno= red @@ -227,6 +261,13 @@ CheckDevice ( // Length =3D sizeof mMmio64Configuration + sizeof mEndDesc; =20 + // + // In Td guest OptionRom is not allowed. + // + if (TdIsEnabled ()) { + Length +=3D sizeof mOptionRomConfiguration; + } + *Configuration =3D AllocateZeroPool (Length); =20 if (*Configuration =3D=3D NULL) { @@ -245,6 +286,11 @@ CheckDevice ( CopyMem (Ptr, &mMmio64Configuration, sizeof mMmio64Configuration); Length =3D sizeof mMmio64Configuration; =20 + if (TdIsEnabled ()) { + CopyMem (Ptr + Length, &mOptionRomConfiguration, sizeof mOptionRomConf= iguration); + Length +=3D sizeof mOptionRomConfiguration; + } + CopyMem (Ptr + Length, &mEndDesc, sizeof mEndDesc); =20 return EFI_SUCCESS; --=20 2.29.2.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#87516): https://edk2.groups.io/g/devel/message/87516 Mute This Topic: https://groups.io/mt/89743610/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-